Web Authentication Component Vulnerability Could Lead to Privilege Escalation
CVE-2024-2378

8HIGH

Key Information:

Vendor: Hitachi
Status: Sdm600
Vendor: CVE Published:; 30 April 2024

Summary

A vulnerability is present in the web-authentication component of the Hitachi Energy SDM600. When exploited, this flaw can allow an attacker to escalate privileges on installations utilizing this product. Proper safeguards should be implemented to mitigate these risks, and users are advised to apply any relevant security patches or updates to protect their systems.

Affected Version(s)

SDM600 1.x < 1.3.4

SDM600 1.3.4.572

References

https://publisher.hitachienergy.com/preview?DocumentId=8D...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 30, 2024
Vulnerability Reserved
Mar 11, 2024